<div><br></div>Thanks to your excellent analysis it was easy for me to figure out a fix.<div><br></div><div>The problem is that LocalizationFilter's HttpRequestWrapper for reasons of brewity extends, and makes use of HttpServletRequestWrapper which is there for exactly that purpose.</div>
<div><br></div><div>Catalina, however is being a bit too smart, probably in order to support certain cross-context scenarios, but in a way that breaks proper behaviour for our case. In ApplicationDispatcher it detects that LocalizationFilter's HttpRequestWrapper is instanceof ServletRequestWrapper, and injects a different request object into it via inherited setRequest() method - effectively making it wrap a completely different request.</div>
<div><br></div><div>The solution is simply not to use HttpServletRequestWrapper when implementing LocalizationFilter's HttpRequestWrapper.</div><div><br></div><div>I'll do some more tests before committing.</div><div>
<br></div><div><br></div><br><div class="gmail_quote">On Sun, Sep 5, 2010 at 4:00 PM, Phuong Vu Viet <span dir="ltr"><<a href="mailto:vstorm83@gmail.com">vstorm83@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
Steps to reproduce:<br>- Try to register new user : fill the form with all needed data<br>- Expect : Register successfully, but always show PopupMessage : Text verification isn't correct<br><br>I've tried to debug and found that :<br>
- in PortalController servlet and CaptchaServlet : i can retrieve the same HttpSession from the HttpRequestWrapper (wrapped in LocalizationFilter)<br>- but in the CaptchaValidator : after call to portalRequestContext.getRequest().getSession() , the HttpSession object is difference with the one we retrieved in PortalController<br>
<br>Actually, in each request, ApplicationDispatcher doesn't wrap the ServletFacade , it wrap the
HttpRequestWrapper (RequestFacade has already wrapped by LocalizationFilter), and the local variable crossContext is set to true
--> In portlet, when i call getSession(), the wrapper object delegates the call to ApplicationHttpRequest, but this wrapper doesn't delegate to RequestFacade's getSession() method but
return the wrong HttSession
<br>_______________________________________________<br>
gatein-dev mailing list<br>
<a href="mailto:gatein-dev@lists.jboss.org">gatein-dev@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/gatein-dev" target="_blank">https://lists.jboss.org/mailman/listinfo/gatein-dev</a><br>
<br></blockquote></div><br>